AstraSync
AstraSync issues verifiable identity credentials and trust scores for AI agents through its Know Your Agent platform.
Identity and trustLive
Agents get an ASTRA-ID, a portable agent card, and a dynamic trust score, registered and verified through the Know Your Agent API and SDKs.
- Credential type
- ASTRA-ID agent card (ERC-8004-based), with support for mapping external DID, Verifiable Credential, SD-JWT, and X.509 credentials to the ASTRA-ID as primary anchor
- Who accepts it
- A2A (Agent2Agent) counterparties, MCP endpoints, Commerce protocol integrators declaring ACP, AP2, UCP, VI, Agent Pay, x402, or TAP support
- Delegation model
- Agent cards declare a PDLSS permission envelope (Purpose, Duration, Limits, Scope, Self-instantiation) set immutably at registration
- Revocation
- No active revocation endpoint documented; lifecycle control is via deactivation, which moves an agent to a deactivated state while preserving audit history
- Reputation model
- Trust score from 0 to 100, computed at runtime from metadata completeness, KYD verification status, observed runtime behavior, and blockchain-recorded verification events
- Integration
- API, SDK
- Pricing
- Free tier includes 100 verifications per month. Paid tiers are Developer at $9 per month, Developer Plus at $99 per month, Business at $299 per month, and custom Enterprise pricing.
Gotchas
- API-key registrations require a verified Know Your Developer (KYD) profile; without one, registration returns 403 KYD_REQUIRED and falls back to an asynchronous owner-approval flow.
- Permission boundaries (PDLSS) are set at registration and are immutable afterward; changing them requires retiring the agent and registering a new one.
- An agent cannot read its own permissions via the API; GET on its own record returns 403, by design.